The Cyber Security News

RIG Exploit Kit Now Infects Victims’ PCs With Dridex Instead of Raccoon Stealer

June 22, 2022

The operators behind the Rig Exploit Kit have swapped the Raccoon Stealer malware for the Dridex financial trojan as part of an ongoing campaign that commenced in January 2022.

The switch in modus operandi, spotted by Romanian firm Bitdefender, comes in the wake of Raccoon Stealer quickly closing the project after one of its team members responsible for critical operations passed away in the Russo-Ukrainian war in March 2022.

The Rig Exploit Kit is notable for its abuse of browser exploits to distribute an array of malware. First spotted in 2019, Raccoon Stealer is a credential-stealing trojan that’s advertised and sold on underground forums as malware-as-a-service (MaaS) for $200 a month.

That said, the Raccoon Stealer actors are already working on a second version that is expected to be “rewritten from scratch and optimized.” But the void left by the malware’s exit is being filled by other information stealers such as RedLine Stealer and Vidar.

Dridex (aka Bugat and Cridex), for its part, has the capability to download additional payloads, infiltrate browsers to steal customer login information entered on banking websites, capture screenshots, and log keystrokes, among others, through different modules that allow its functionality to be extended at will.

In April 2022, Bitdefender discovered another Rig Exploit Kit campaign distributing the RedLine Stealer trojan by exploiting an Internet Explorer flaw patched by Microsoft last year (CVE-2021-26411).

That’s not all. Last May, a separate campaign exploited two scripting engine vulnerabilities in unpatched Internet Explorer browsers (CVE-2019-0752 and CVE-2018-8174) to deliver a malware called WastedLoader, so named for its similarities to WastedLocker but lacking the ransomware component.

“This once again demonstrates that threat actors are agile and quick to adapt to change,” the cybersecurity firm said. “By design, Rig Exploit Kit allows for rapid substitution of payloads in case of detection or compromise, which helps cybercriminal groups recover from disruption or environmental changes.”


Some parts of this article are sourced from:
thehackernews.com

Copyright © TheCyberSecurity.News, All Rights Reserved.